Problem to connect to one site with https tls

‎02-04-201611:52 PM

We have problem to connect to one particular site with ssl www.swedbank.se. The connection times out and we get one error, saying ERR_CONNECTION_RESET. The mystery is that we have a network with mac authentication where it works over Wi-Fi and when we authentication via WPA2 + radius verification, does not work. From ethernet cable it also works great. One thing we tried was to change the mtu to 1500 and when we do that it works. But the strange thing, how can the authentication to the site works with mac authentication when we not have change mtu? Please help me, we are struggling...

Re: Problem to connect to one site with https tls

‎03-17-201602:42 AM

We have now solved the problem or perhaps made one workaround. We have change the MTU for the ap to 1500. The site works plus that streaming have start working better from two streaming services that we had problem with.

Re: Problem to connect to one site with https tls

‎03-17-201602:54 AM

We do not now what network elements are between the access point and the site you are mentioning. Solving a problem by changing the MTU is very, very rare, so you should open a TAC case so they can look at all of the equipment in the path and work with you to determine what is wrong. The possibilities could be endless... This is not typical.

Re: Problem to connect to one site with https tls

‎03-18-201612:28 AM

As you say, we believe that they are something else causing this. We are in contact with our supplier of Aruba but not received any a good answer yet. We check also our firewall if we have any problem there.

Can the chang of MTU cause problems or can it work until we come to the root of problem?

Re: Problem to connect to one site with https tls

‎03-20-201608:21 AM

can't be 100% certain either, but seeing how it just lowers the packetsize and in your case not that much i would expect no issues coming from it.

i would like to know, if i was in your situation, why this change is helping. as pointed out before start making a good drawing of your network and start capturing packets to see how big they are and where this issue starts.